MSAB Digital Forensics Glossary

Key Terms and Definitions

 

Welcome to Our Digital Forensics Glossary

A resource for clear, concise definitions of key terms used in digital forensic investigations. This glossary includes terminology used in the field of smartphone investigations, mobile data extraction, and the analysis of digital evidence from mobile devices.

As mobile phones become central to cybercrime and digital investigations, it’s essential to understand critical concepts such as IMEI, mobile data acquisition, app artifacts, and SIM card analysis. You’ll also find definitions of broader digital forensics terms like hash values, metadata, and chain of custody — all explained in a straightforward, accessible format. Whether you’re a mobile forensics specialist, law enforcement officer, cybersecurity professional, or student, this glossary offers up-to-date explanations to help you navigate the rapidly evolving field of mobile forensics.

UART (Universal Asynchronous Receiver/Transmitter)

A hardware communication protocol used in forensics to access device data via serial ports, often employed in advanced mobile extractions (e.g., JTAG alternatives).

UEFI (Unified Extensible Firmware Interface)

A modern firmware standard replacing BIOS, analyzed in forensics to extract boot logs, secure boot data, or evidence of tampering in system startups.

UFDR (Universal Forensic Data Reader) in Mobile Forensics

A Universal Forensic Data Reader (UFDR) is a specialized hardware device used in mobile forensics to extract data from a wide range of mobile devices. UFDRs are designed to support multiple device interfaces, such as USB, JTAG, and ISP, and can acquire data from various storage media types, including flash memory chips and memory cards. […]

UI – User Interface

The visual or interactive layer of a forensic tool or device, designed to facilitate evidence extraction, analysis, or reporting by examiners.

Un-disable iOS Device – Mobile Device Forensics

A forensic technique removing the “iPhone is Disabled” message, typically using tools to bypass lockout timers and enable screen unlocking for data access.

Unallocated Space – Mobile Device Forensics

The area of a device’s memory outside the defined file system, available for data recovery in forensics to retrieve deleted files or fragments not yet overwritten.

Unauthorized Access

Entry into a system without permission, investigated in forensics to trace breach methods, identify perpetrators, or recover evidence of intrusion.

Unencrypted Data

Information stored without cryptographic protection, directly accessible in forensics but analyzed to determine if it was intentionally left vulnerable.

Uniform Resource Locator (URL)

A web address (e.g., www.example.com), examined in forensics within browser history, logs, or malware to trace online activity or malicious redirects.

Unify

MSAB Unify, a tool designed to help examiners collaborate and complete digital forensic analysis.

Universal Serial Bus (USB)

A common interface for connecting devices, analyzed in forensics to recover data from USB drives or detect usage via system logs (e.g., USB artifact analysis).

Unix Forensics

The investigation of Unix-based systems (e.g., Linux, macOS), focusing on file systems, logs (e.g., /var/log), and shell history to uncover evidence.

Unnamed Service – Crypto Forensics

A category of unidentified cryptocurrency clusters exhibiting service-like behavior (e.g., exchanges, mixers), analyzed to classify and trace their role in transactions.

Unspent – Crypto Forensics

Cryptocurrency value sent to a wallet but not yet spent, tracked in forensics to monitor held balances or detect dormant funds linked to illicit activity.

Untraced – Crypto Forensics

Cryptocurrency transactions or entities lacking clear attribution, investigated in forensics to uncover hidden trails or link to known actors through blockchain analysis.

User Agent

A string identifying a browser or device to web servers, parsed in forensics from network traffic or logs to profile devices involved in online activity.

User Datagram Protocol (UDP)

A connectionless network protocol, analyzed in forensics to investigate lightweight traffic (e.g., DNS queries) or detect UDP-based attacks like DDoS.

User Profile

A collection of settings and data tied to a user account, examined in forensics to recover preferences, activity logs, or credentials from systems or devices.
